One uncontested theme in the fury surrounding the Internal Revenue Service’s admission that it lost two years' worth of emails subpoenaed by investigators: The agency is working with some outdated information technology.

“I fondly refer to our IT system as a Model T with a very nice GPS system and a sound system and a redone engine, but it’s still a Model T,” IRS Commissioner John Koskinen told lawmakers Friday.

The situation was worse three years ago, when Lois Lerner, then-chief of the IRS division for tax-exempt organizations, lost two years' worth of emails as the result of a hard drive failure.

To minimize data storage, agency email accounts could only hold about 1,800 emails -- a limit that was raised to about 6,000 -- and employees were asked to archive additional emails on their hard drives. This process was -- and still is -- common practice at numerous agencies. When Lerner’s hard drive died, those emails were lost for good.

Koskinen said Lerner’s hard drive was destroyed, after multiple efforts to retrieve its content failed. Although it’s not clear what prompted them, IT staff members at the time took the unusual step of sending the hard drive to the agency’s Criminal Investigation Division’s forensic lab after technicians were unable to recover the data.

“Unfortunately, the news is not good,” an IT manager told Lerner in an Aug. 5, 2011, email that wasn’t lost. “The sectors on the hard drive were bad which made your data unrecoverable. I am very sorry. Everyone involved tried their best.”

Two years later, Lerner and her emails took center stage in multiple investigations into charges the Exempt Organizations Division unfairly scrutinized applications for tax-exempt status from conservative groups. But it took another year for the agency to reveal that years of emails relevant to these investigations no longer existed; this information came out last week.

The agency has recovered some 24,000 of the lost emails -- which it will hand over to investigators by the end of the month -- through searches of other employees’ emails, Koskinen said. The White House said earlier this week there were no direct email communications between Lerner and the Executive Office of the President during the period of the missing emails -- the two years preceding the mid-2011 hard drive crash -- after some Republicans suggested the emails were purposefully destroyed to hide White House cooperation.

At the moment, to search archived emails, IRS must pull the accounts and the employees’ hard drives and load them into another device to search them. “That’s an antiquated system,” Koskinen said.

Democrats have argued a lack of funding is to blame. “Congress has cut the IRS budget for operations -- which includes what is spent on computers and other information technology -- every year for the past five years,” said Rep. Sander Levin, D-Mich., ranking member of the House Ways and Means Committee, which held Friday's hearing.

Koskinen said the agency has tried update its systems as much as possible, given the limited funding. “The IRS has $1 billion worth of computer equipment, and the agency should be spending $150 million to $200 million on maintenance for that equipment,” he said. “Instead, the agency spends virtually nothing because it cannot afford to properly maintain what it has.”

The agency at this point needs about $400 to $500 million for IT modernization and improvement, Koskinen said, noting not everyone at the agency has even been upgraded to Windows 7.

Republicans remained highly skeptical that the emails weren’t lost on purpose. Without engaging with the specifics of the agency’s IT system, they noted the tax collector itself would not relieve taxpayers of their obligations as the result of a crashed hard drive.

“The IRS is in charge of hundreds of millions of taxpayers’ information,” said Rep. Dave Camp, R-Mich., the committee chairman. “You’re now saying your technology system was so poor that years' worth of emails are forever unrecoverable. How does that put anyone at ease? How far would the excuse of ‘I lost it’ get with the IRS for an average American trying to file their yearly taxes who may have lost a few receipts?”

FROM OUR SPONSORS

sponsored

JOIN THE DISCUSSION

By using this service you agree not to post material that is obscene, harassing, defamatory, or
otherwise objectionable. Although Nextgov does not monitor comments posted to this site (and has
no obligation to), it reserves the right to delete, edit, or move any material that it deems to
be in violation of this rule.

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

Data-Centric Security vs. Database-Level Security

Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.